PT-2026-6627 · Pubsub · Pubsub
Andrew Fasano
·
Published
2026-02-05
·
Updated
2026-02-05
·
CVE-2026-1301
CVSS v4.0
6.8
Medium
| Vector | AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Versions prior to 2026-1301
Description
A specially crafted JSON message can cause a heap overflow in the PubSub JSON decoder before authentication. This can lead to a process crash and memory corruption. The issue occurs in builds with PubSub and JSON enabled.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Memory Corruption
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Pubsub